As part of the my learning phase, anyone here can help me out resolving to establish a simple site-to-site vpn tunnel. I have two routers of the same model cisco 887 at the Headoffice and Branch office. Though both the routers are having ADSL ports, i am not using it. I have connected the on both the FE 0 to an ADSL router. FE4 is connected to the internal LAN. The IP details of the ADSL routers are as below. I am able to reach/ping from ROUTER HO to the Public IP of ADSL Router at the Branch Office and vice versa. However am not able to reach/ping the internal address of the ADSL router from any side. The VPN tunnel status (sh crypto session sa) is down. Appreciate if anyone could throw some light please in establishing a VPN tunnel successful.
ADSL Router at Head Office
Public IP: Y1.Y2.Y3.Y4
Internal Router IP: 10.0.0.100
ADSL Router at Branch Office
Public IP: X1.X2.X3.X4
Internal Router IP: 10.0.0.200
I have copied below the configuration on both the routers.
ROUTER HEAD OFFICE
Current configuration : 5808 bytes
! Last configuration change at 16:26:46 UTC Sun Feb 5 2012
! NVRAM config last updated at 16:27:11 UTC Sun Feb 5 2012
Thank you Julio for your time. I am not able to ping from the 192.168.19.0/24 to 192.168.11.0/24 and back. When i ping i get the reply with TTL expired in transit.
The sh crypto session command, gives me interface status shows DOWN. Infact i have added the crypto map HO-LOC to interface Fast Ethernet 0, if you look at my earlier configuration. However i have even tried the same being applied at vlan 1 as suggested and no luck
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...